Non-digital identity theft can be as damaging as breaches from hacking

Hackers aren’t your only risk when it comes to identity theft and fraud.

Data breaches and hacks like those at Equifax, the IRS and Yahoo! tend to dominate the conversation — and no wonder. Breaches hit a record high in 2017, with 1,579 reported incidents exposing nearly 179 million records, according to the Identity Theft Resource Center, which helps consumers dealing with identity theft and fraud.

But in recent years, a little more than half of thefts of consumers’ personally identifying information were classified as “non-digital,” meaning they didn’t involve — or at least, didn’t start with — the thief exploiting some cyber vulnerability, according to a 2017 report from the University of Texas at Austin’s Center for Identity.

“That’s usually a surprise to people,” said R. Sean McCleskey, director of organizational education and measurement at the Center for Identity. “It doesn’t get the attention, to some degree, that cybercrimes get.”

Analog thefts include say, data retrieved from a stolen laptop, lost wallet or pilfered mail. It also encompasses “insider theft” via family members and employees at companies where you do business, who exploited their access to paper or digital records.

The Center for Identity analysis used data from more than 5,000 identity theft and fraud cases occurring from 2000 through 2016. (Click on graphic to enlarge.)